Описание
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
Ссылки
- PatchVendor Advisory
- Patch
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:gnu:enscript:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:enscript:1.6.3:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.07389
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
почти 21 год назад
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
redhat
почти 21 год назад
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
debian
почти 21 год назад
Enscript 1.6.3 does not sanitize filenames, which allows remote attack ...
github
больше 3 лет назад
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
EPSS
Процентиль: 91%
0.07389
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other